package com.iverson.nginx.gateway.controller;

import jakarta.servlet.http.HttpServletRequest;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class AuthController {

    @GetMapping("/api/check/auth")
    public ResponseEntity<Void> authCheck(HttpServletRequest request) {
        // 从Header或Cookie获取认证信息
        String token = request.getHeader("Authorization");
        // 实现你的校验逻辑（示例仅检查是否存在Token）
        if (StringUtils.hasText(token) && validateToken(token)) {
            return ResponseEntity.ok().build();
        } else {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
        }
    }

    private boolean validateToken(String token) {
        // 实际校验逻辑，如JWT解析、数据库查询等
        return token != null && token.startsWith("Bearer valid");
    }
}
